The present invention relates to configuring field programmable gate arrays generally, and more particularly to protecting configuration bitstreams from detection or alteration.
Field programmable gate array (FPGA) devices are logic or mixed signal devices that may be configured to provide a desirable user-defined function. FPGAs are typically configured using data provided by a configuration device. This data may be referred to as a configuration bitstream or program object file (POF). This bitstream opens and closes switches formed on an FPGA such that desired electrical connections are made.
Modern FPGAs contain hundreds of thousands of logic gates, as well as processors, memories, dedicated analog function blocks, and other circuits. This extensive circuitry requires a correspondingly long configuration bitstream to configure it. For example, 55 Megabits of configuration data are now needed by some FPGAs.
This configuration data represents an FPGA user design that is the outcome of a huge investment in manpower and research and development costs, often in the million dollar range. To protect this investment, these bitstreams are often encrypted. The encrypted bitstream is decrypted using a key stored on the FPGA, and the FPGA is then configured. While an FPGA is being configured, the bitstream that is susceptible to detection is encrypted and thus protected from theft.
Unfortunately, problems remain even with the use of encryption. If the encryption key can be determined, for example by examining an FPGA, the encrypted bitstream can be copied and the protected device can be cloned. Also, if the key can be erased or modified, then the protected device can be reconfigured to perform a new function. This can be particularly problematic if the device is performing an important function, such as network security.
Thus, what is needed are circuits, methods, and apparatus that provide keys for encryption and other types of encoding that cannot readily be determined by inspection and cannot be erased.